I am creating transactions based on userId like this to find paths taken by a user in a session:
* | transaction mvlist=t userId maxpause=900s | table name, dt
Say I get a transaction that looks like this (just an example):
Events 1 & 2 and 4 & 5 are duplicate. I am not sure why I get these results, but in any case I want to remove the duplicate events, to make the transaction look like this:
Any idea how I could do this for all transactions?
... | transaction mvlist=t userId maxpause=900s | dedup name dt | table name, dt
View solution in original post
I figured it out now, it works if I do the dedup before creating the transaction. Thanks!
It doesn't seem to do anything. Maybe there's something wrong with the rest of my search, here is the entire search string:
The duplicates are still there.
Although it should work according to example 5 here: